Please fill out the fields below so we can help you better.
My domain is: nas.mg-bgrahic…
I ran this command:sudo ./certbot-auto certonly
It produced this output:
Domain: nas.mg-bgraphic…
Type: connection
Detail: Could not connect to …external ip…
To fix these errors, please make sure that your domain name was
entered correctly and the DNS A record(s) for that domain
contain(s) the right IP address. Additionally, please check that
your computer has a publicly routable IP address and that no
firewalls are preventing the server from communicating with the
client. If you’re using the webroot plugin, you should also verify
that you are serving files from the webroot path you provided.
My operating system is (include version):
Raspbian
I can login to a root shell on my machine (yes or no, or I don’t know):
yes
At this moment you can only visit the website in httpS
I got the file now the only problem now is whenn i put the following line:
ssl_certificate /etc/letsencrypt/live/nas.mg-bgraphic…/fullchain.pem;
(instead of the line that was there :
ssl_certificate /etc/nginx/cert.pem;
ssl_certificate_key /etc/nginx/cert.key;
in
To fix these errors, please make sure that your domain name was
entered correctly and the DNS A record(s) for that domain
contain(s) the right IP address. Additionally, please check that
your computer has a publicly routable IP address and that no
firewalls are preventing the server from communicating with the
client. If you're using the webroot plugin, you should also verify
that you are serving files from the webroot path you provided.
192.168.2.33 is a private IP address for you local LAN, that isn't routable via the public internet. So, if you are trying to create a certificate for that IP, certbot won't make one.
Depending on your requirements, you have two options:
Setup NAT on your router to forward port 80 and port 443 traffic from your modem's public IP to your LAN device's private IP. Then change your DNS A name entry to the public IP address. Then try recreating the certificate.
If you do actually need to create a valid certificate for a private IP address, this tutorial explains how: Redirecting…